Vulnerability in TLS Protocol during Renegotiation [CVE-2009-3555]
By chandan on Jan 07, 2010
A security vulnerability in the TLS protocol (TLS 1.0 or later and SSLv3) may allow an unauthenticated, remote attacker to conduct man-in-the-middle (MITM) type of attacks where chosen plain text may be injected as a prefix in an user's TLS session. This vulnerability does not allow one to decrypt or modify the intercepted network communication.
Exact nature of the impact depends on the application making use of the TLS facility.
Sun is evaluating the impact of the issue on various products which make use of the TLS libraries. We are working to fix the TLS implementations according to the TLS protocol standard extensions RFC 5746.
Solaris Kernel SSL:
Solaris Kernel SSL proxy module KSSL does not support client renegotiation or rehandshake. It ignores the rehandshake message which is an allowed behavior by the SSL/TLS specification. Hence it is not vulnerable to this issue. KSSL (see ksslcfg(1M)) is available in Solaris 10 and OpenSolaris. It may be used to workaround the described issue in server applications.
The Java Secure Socket Extension (JSSE) included in the following Java SE and Java SE for Business releases for Windows, Solaris, and Linux are affected:
- JDK and JRE 6 Update 17 and earlier
- JDK and JRE 5.0 Update 22 and earlier
- SDK and JRE 1.4.2_24 and earlier
An interim fix, that disables TLS/SSL renegotiation in JSSE by default, is included in March 2010 Java security update.
GnuTLS libraries in Solaris:
The issue does not affect any server applications distributed with Solaris which use the GnuTLS library. At this time we do not plan to issue any interim fixes to GnuTLS libraries. Fixes to GnuTLS distributed with Solaris would be provided when the proposed TLS extensions become a standard.
OpenSSL libraries in Solaris:
Sun Alert 273029 describes this issue in OpenSSL (openssl(5)) libraries provided with in Solaris 10 and OpenSolaris.
Sun Java Enterprise System Suite
Sun Alert 274990 describes the issue in Sun Java System Web Server 6.1, 7.0, Sun Java System Web Proxy Server 4.0, Sun Java System Application Server Enterprise Edition and Sun GlassFish Enterprise Server v2.1. This article explains the issue in Sun Java System Web Server and provides workarounds and mitigation.